Reputational risks are caused by many intended and unintended events, for example: a cyberattack on a retailer’s credit card data, manipulating markets or making trades based on insider data, employing underage workers overseas for a “US-based” company, or accidentally serving contaminated or expired food at a restaurant.

Whether the event is intended or unintended, the responsibility ultimately belongs to the company’s CEO and their management team. Why? Because it directly impacts revenue and the company’s brand.

One of the major reputational risks today is system interruptions and cybersecurity. Any interruption to services, whether it be from a cyber attack, system-wide outage, human error, or security breach, is a business disruption that reaches from the C-suite executives all the way down to their clients, and it can cost extremely valuable time and money to repair, not to mention the damage to your reputation.

Some things are out of your control and customers will understand that; for example, a storm knocking out power and shutting down your systems. They won’t, however, be as understanding if you weren’t proactive in safeguarding your company. So how do you stay ahead of the problems?

If a third party is hosting your data or is the hub of your operation, you still need to remain in control. When their systems go down or are breached, your clients are coming to you with their complaints, because ultimately you are responsible. One way to be proactive with a third-party vendor is to have them comply with your own internal requirements.

Make sure you have a tested disaster/incident recovery plan in place. Disaster/incident recovery planning is a huge undertaking and touches every part of your organization, but having a plan and testing it will help you face any challenges down the road.

When something goes wrong you will need the entire company on board, not just the IT team that’s going to work around the clock to remedy the situation. Your top management teams, PR professionals, customer support, and even your marketing staff need to be involved and need to know what the company response is and how it’s being communicated.

Be proactive. Invest in data analytics that will enable you to analyze real-time data, such as pattern detection and recognition. Keep on top of social media using text analysis that will pinpoint conversations about your company. Social media combined with big data analysis will help you get ahead of the crisis and lessen the impact. This combination could be the most important and impactful decision you make, better than business liability insurance!

Learn from mistakes. Hopefully you are not the target of a company-wide disruption, be it human error or cyber attack, but chances are some company, somewhere around the world, is being hit right now. Most won’t make the front page of the Wall Street Journal, but you need to be ready to respond to incidents whether they are the result of cyber security attacks, third-party partner actions or employees’ mistakes. Loss of reputation is beyond repair if not properly and systematically addressed.

Make sure that you know what your business risks are and that you are up to date with managing them all the time. Managing your business risks is not a one-time event. Each component that contributes to the risks must be monitored in real time. There are multiple tools and technologies that will facilitate managing and monitoring both your business and operational risks.

In the end it’s your company name, your reputation, and your responsibility to ensure the integrity of your brand.

February 29, 2016

With just one click your files, credit cards, medical records and other personal information could be hacked with ransomware malware. Earlier this month, a cyberattack on Hollywood Presbyterian Medical Center took the hospital’s medical records hostage, demanding ransom in the form of Bitcoins.

Bitcoin is a virtual currency. Transactions are made anonymously without bank involvement. Since Bitcoins aren’t tied to any country or subject to any regulations, international payments are easy and cheap. Every user has a Wallet ID, but the names of the buyers and sellers are never revealed. This level of anonymity provides the perfect breeding ground for transactions such as ransomware.

It would be nice if there were a list of things to look for to help prevent these attacks, but ransomware is evolving. Hackers are finding new ways to completely lock your computer systems, block access to all of your files and encrypt them. Emails that look like they are coming from utility companies, credit card companies, and even banks contain files that, once they are clicked, will take over your system.

While Hollywood Presbyterian Medical Center chose to pay the ransom via Bitcoin, citing the need to get back patient medical records and get the hospital back up and running as soon as possible, paying ransom isn’t the way to go.

First, even if you pay whatever is being asked there is no guarantee you’ll get the encryption code to access your files, and since nearly all of these ransom requests are made through anonymous payment methods – like Bitcoin – there’s no tracing where the money went, therefore no way to go after the attacker.

Second, if you pay the ransom the hackers may see you as an easy target and come back for more.

Third, by paying ransom you are feeding into the criminality of the entire operation. Providing money to these hackers will allow them to up their game with new malware and build out the ransomware malware network.

If anything looks suspicious in your email, don’t click it, and if you think you’ve been infected by malware, shut down your computer and disconnect it from any server in order to minimize the risk of infecting the entire network.

There are five fundamental things you should always remember to do when working on your computer while connected to the Internet:

Count to ten and think before you click: Do not click on any URL embedded in an email, even from someone you know, unless you confirm that the email came from the sender.

Update everything: Keep your operating system updated; otherwise you might be dismissing an important security update.

Back up your files: If you fail to do anything else, this is the most important task you must do on a daily basis. There are many external trusted sites you can use to back up your computer.

Secure your wireless network: Make sure you use a strong password when setting up your Wi-Fi router.

Use strong passwords: Avoid using your cat and dog names. Instead include at least one number, a capital letter, symbols such as # or $, and make sure your password is at least six characters.

July 20, 2008

Many companies consider their log management strategy and related systems and techniques to be the most important weapon in their fight against fraud. But implementing IT auditing measures through the use of log management is just the first step. In order to most effectively combat fraud, companies must have the proper procedures in place for handling incidents once they occur. The speed and accuracy with which an organization responds can mean the difference between losses that are minimal and those that are significant.

What are some of the best ways to ensure swift, comprehensive incident response?

Assemble a team

Companies that designate specific staff members – in advance – to address incidents once they are detected will experience less confusion and delay. By clearly outlining who is responsible for what operational, decision-making, and investigative tasks, you can dramatically accelerate your incident response and resolution times.

Document policies

Once everyone knows what they are responsible for in the case of a security event, they then need guidelines as to how assigned tasks should be carried out. Formal, fully documented response procedures will ensure that all actions taken are decisive, correct, and effective so losses can be contained as quickly as possible.

Consult with external parties immediately

Many companies make the mistake of contacting their legal counsel or local law enforcement agencies after the investigation has been completed. However, it is best to involve them in your evidence-gathering as soon as an incident occurs, since they can look at supporting data in an unbiased and experienced manner.

Utilize live response

The size and complexity of today’s technology architectures, combined with the increasing volume of malicious activity, have made it more difficult than ever to gather forensic evidence when a breach takes place. However, there are now tools on the market that allow for “live response” – the collection and analysis of system memory. This approach not only minimizes any impact on system performance during the evidence-gathering process, it also allows investigators to examine data more rapidly to find the supporting data they need.

Conduct ongoing assessments

Each time an incident occurs, have your team gather afterwards to discuss what areas of your incident response policy worked, and which ones didn’t. This will allow for ongoing learning and continuous enhancement, so policies can be refined to be as effective as possible.

Be proactive

Of course, the best defense against fraud is to proactively prevent it. By analyzing log data in great detail to gain a full understanding of the patterns and trends that represent “normal” activity, companies can instantly uncover the peculiar or out-of-the-ordinary actions that lead up to a security event. Therefore, they can detect and stop breaches before they happen – instead of simply reacting to them once they have already occurred.
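The baselining idea described above, sketched as an added example that is not part of the original post: it learns each user's usual hosts, actions and hours from past log lines, then flags new events that fall outside that pattern. The log format, user names, host names and the one-hour tolerance are all constructed assumptions.

```python
from collections import defaultdict
from datetime import datetime

# Constructed sample lines: timestamp, user, source host, action.
BASELINE_LOG = """\
2008-07-14T09:02:11 alice ws-014 login
2008-07-14T09:15:40 bob ws-022 login
2008-07-15T08:55:03 alice ws-014 login
2008-07-15T17:42:19 bob ws-022 export_report
2008-07-16T09:10:27 alice ws-014 export_report
"""
NEW_LOG = """\
2008-07-17T09:05:44 alice ws-014 login
2008-07-17T02:13:09 bob ws-022 export_report
2008-07-17T10:20:31 alice ws-099 login
2008-07-17T10:21:00 carol ws-030 login
"""

def parse(text):
    """Yield (datetime, user, host, action); malformed lines are skipped."""
    for line in text.splitlines():
        parts = line.split()
        if len(parts) == 4:
            yield (datetime.fromisoformat(parts[0]), *parts[1:])

def build_baseline(text):
    """Per user, record the hosts, actions and hours of day seen as normal."""
    base = defaultdict(lambda: {"hosts": set(), "actions": set(), "hours": set()})
    for ts, user, host, action in parse(text):
        base[user]["hosts"].add(host)
        base[user]["actions"].add(action)
        base[user]["hours"].add(ts.hour)
    return dict(base)

def hour_gap(a, b):
    """Distance between two hours on a 24-hour clock (23 and 0 are 1 apart)."""
    d = abs(a - b)
    return min(d, 24 - d)

def find_anomalies(baseline, text, hour_slack=1):
    """Return (timestamp, user, reasons) for events outside the baseline."""
    findings = []
    for ts, user, host, action in parse(text):
        seen = baseline.get(user)
        if seen is None:
            reasons = ["unknown user"]
        else:
            reasons = [label for label, odd in (
                ("new host", host not in seen["hosts"]),
                ("new action", action not in seen["actions"]),
                ("unusual hour", all(hour_gap(ts.hour, h) > hour_slack
                                     for h in seen["hours"])),
            ) if odd]
        if reasons:
            findings.append((ts.isoformat(), user, ", ".join(reasons)))
    return findings
```

A baseline this small will be noisy in practice; the longer the learning window, the fewer routine events get flagged.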